Amendments to the Claims:

This listing of claims will replace all prior versions, and listings, of claims in the application:

Cancel claim 25.

Amend claims 23, 40, and 47, as follows.

Listing of Claims:

1. (Previously amended) A method for providing firewall fault-tolerance in a network, the network including a plurality of firewalls, at least one server and at least one network flowswitch, the method comprising:
    detecting in the network flowswitch an occurrence of a failed firewall of the plurality of firewalls each having a different fixed media access control (MAC) address;
    detecting in the network flowswitch a packet from the server directed to the failed firewall after the occurrence of a failed firewall is detected;
    changing a MAC address of the packet to the fixed MAC address of a functional firewall of the plurality of firewalls when the packet is detected; and
    relaying the packet to the functional firewall after the MAC address of the packet is changed.

2. (Original) The method of claim 1 wherein the network comprises a plurality of servers.

3. (Previously amended) The method of claim 2 wherein relaying the packet to the functional firewall comprises relaying the packet to the functional firewall over a medium that is not shared with packets directed to other firewalls or servers.

4. (Original) The method of claim 1 wherein said detecting an occurrence of a failed firewall comprises sending a request to the plurality of firewalls, wherein an absence of a response from a particular firewall of the plurality of firewalls is indicative of a failure of the particular firewall.

5. (Original) The method of claim 1 wherein said detecting an occurrence of a failed firewall comprises sending at least one Address Resolution Protocol (ARP) request to each firewall of the plurality of firewalls, wherein an absence of a reply to an ARP request from a particular firewall of the plurality of firewalls is indicative of a failure of the particular firewall.

6. (Previously amended) The method of claim 1 further comprising:
    detecting an address resolution protocol (ARP) request from the server to the failed firewall; and
    responding to the ARP request with the fixed MAC address of the functional firewall, whereby the server is configured to send subsequent outbound packets with the fixed MAC address of the functional firewall.

7. (Original) The method of claim 1 wherein said detecting an occurrence of a failed firewall comprises sending ICMP echo packets to each firewall of the plurality of firewalls and wherein an absence of a response from a particular firewall of the plurality of firewalls during a predetermined interval is indicative of a failure of the particular firewall.

8. (Original) The method of claim 1 further comprising:
    detecting a recovery of the failed firewall, the failed firewall becoming a recovered firewall; and
    terminating said detecting a packet from the server directed to the failed firewall when said failed firewall recovers.

9. (Previously amended) The method of claim 8 further comprising waiting for a time-out period to expire after said detecting when the failed firewall recovers.

10. (Previously amended) The method of claim 9 wherein the time-out period is greater than or equal to a time period needed for the recovered firewall to learn routes to all known clients.

11. (Previously amended) The method of claim 8 wherein said detecting a recovery of the failed firewall comprises sending to the failed firewall a request, and a response from the failed firewall is indicative of a recovery of the failed firewall.

12. (Previously amended) The method of claim 8 wherein said detecting a recovery of the failed firewall comprises detecting a packet from the failed firewall in response to a request.

13. (Original) The method of claim 8 wherein said detecting a recovery of the failed firewall comprises sending ARP requests to each firewall of the plurality of firewalls, wherein an occurrence of a reply to an ARP request from the failed firewall is indicative of a recovery of the failed firewall.

14. (Original) The method of claim 1 wherein packets are transferred between the server and a firewall of the plurality of firewalls through a switch circuit.

15. (Original) The method of claim 14 wherein the switch circuit comprises a switched Ethernet circuit.
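The failover behaviour claimed in claims 1 through 15 (probe-based failure detection, destination MAC rewriting, ARP substitution, and the post-recovery time-out), as an added simulation that is not code from the patent application. It assumes frames are plain dicts, that each probe round's replies are supplied by the caller, and that time is an explicit integer clock.

```python
# Added simulation of the flowswitch in claims 1-15; not code from the patent
# application. Assumptions: frames are dicts, probe replies come from the caller,
# and time is an explicit integer clock so the time-out of claims 9-10 is testable.
from dataclasses import dataclass
from typing import Dict, Optional

@dataclass
class Firewall:
    mac: str                            # fixed MAC address, different per firewall
    functional: bool = True
    recovered_at: Optional[int] = None  # clock value at which replies reappeared

class FlowSwitch:
    def __init__(self, firewalls: Dict[str, Firewall], route_learn_time: int):
        self.firewalls = firewalls                # keyed by firewall IP
        self.route_learn_time = route_learn_time  # time-out of claim 10

    def _redirecting(self, fw: Firewall) -> bool:
        # Intercept while failed and during the post-recovery time-out (claim 9)
        return (not fw.functional) or fw.recovered_at is not None

    def _replacement_mac(self, failed: Firewall) -> str:
        others = [f for f in self.firewalls.values() if f is not failed and f.functional]
        if not others:
            raise RuntimeError("no functional firewall available")
        others.sort(key=lambda f: f.recovered_at is not None)  # prefer settled firewalls
        return others[0].mac

    def probe(self, replied: set, now: int) -> None:
        # One ARP/ICMP probe round: a missing reply marks failure (claims 4, 5, 7);
        # a reply from a failed firewall marks recovery (claims 11-13).
        for ip, fw in self.firewalls.items():
            if ip not in replied:
                fw.functional, fw.recovered_at = False, None
            elif not fw.functional:
                fw.functional, fw.recovered_at = True, now  # recovered: start time-out
            elif fw.recovered_at is not None and now - fw.recovered_at >= self.route_learn_time:
                fw.recovered_at = None  # time-out expired: stop intercepting (claim 8)

    def relay(self, frame: dict) -> dict:
        # Claim 1: rewrite the destination MAC of a packet aimed at a failed firewall
        target = next((f for f in self.firewalls.values() if f.mac == frame["dst_mac"]), None)
        if target is None or not self._redirecting(target):
            return frame
        return {**frame, "dst_mac": self._replacement_mac(target)}

    def arp_reply(self, target_ip: str) -> Optional[str]:
        # Claim 6: answer ARP for a failed firewall with the functional firewall's MAC
        fw = self.firewalls.get(target_ip)
        if fw is None:
            return None
        return self._replacement_mac(fw) if self._redirecting(fw) else fw.mac

def failover_trace(route_learn_time: int = 30) -> list:
    # Constructed scenario: fw1 fails, recovers, and the time-out then expires.
    # Returns the destination MAC chosen for one server frame after each round.
    fws = {"10.0.0.1": Firewall("00:00:5e:00:53:01"), "10.0.0.2": Firewall("00:00:5e:00:53:02")}
    sw = FlowSwitch(fws, route_learn_time)
    frame = {"src_mac": "00:00:5e:00:53:aa", "dst_mac": "00:00:5e:00:53:01"}
    both = {"10.0.0.1", "10.0.0.2"}
    chosen = []
    for replied, now in [(both, 0), ({"10.0.0.2"}, 10), (both, 20), (both, 40), (both, 50)]:
        sw.probe(replied, now)
        chosen.append(sw.relay(frame)["dst_mac"])
    return chosen
```

With the default 30-unit time-out, the trace keeps redirecting through rounds at times 20 and 40 (recovery detected at 20, but the route-learning time-out has not expired) and returns to the first firewall at 50.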

16. (Previously amended) An apparatus for providing firewall fault-tolerance in a network, the network including a plurality of firewalls, at least one server and at least one network flowswitch, the apparatus comprising:
    means for detecting an occurrence of a failed firewall in the plurality of firewalls each having a different fixed media access control (MAC) address;
    means for detecting a packet from the server directed to the failed firewall after the failed firewall is detected;
    means for changing a MAC address of the packet to the fixed MAC address of a functional firewall of the plurality of firewalls when the packet is detected; and
    means for relaying the packet to the functional firewall after the MAC address of the packet is changed.

17. (Previously amended) The apparatus of claim 16 further comprising:
    means for detecting an address resolution protocol (ARP) request from the server to the failed firewall; and
    means for responding to the ARP request with the fixed MAC address of the functional firewall, wherein the server sends subsequent outbound packets with the fixed MAC address of the functional firewall.

18. (Original) The apparatus of claim 16 wherein said means for detecting a failed firewall comprises means for transmitting a request to the plurality of firewalls, wherein an absence of a reply from a particular firewall of the plurality of firewalls is indicative of a failure of the particular firewall.

19. (Original) The apparatus of claim 16 wherein said means for detecting a failed firewall comprises means for sending ARP requests to each firewall of the plurality of firewalls, wherein an absence of a reply to an ARP request from a particular firewall of the plurality of firewalls is indicative of a failure of the particular firewall.

20. (Original) The apparatus of claim 16 further comprising:
    means for detecting a recovery of the failed firewall, the failed firewall becoming a recovered firewall; and
    means for disabling said means for detecting a packet from the server directed to the failed firewall when said failed firewall recovers.

21. (Original) The apparatus of claim 20 wherein said means for detecting a recovery of the failed firewall comprises means for transmitting a request to the plurality of firewalls, wherein a response from the failed firewall is indicative of recovery of the failed firewall.

22. (Original) The apparatus of claim 16 wherein said means for detecting a recovery of the failed firewall comprises means for sending ARP requests to each firewall of the plurality of firewalls, wherein an occurrence of a reply to an ARP request from the failed firewall is indicative of a recovery of the failed firewall.



6 of 16

Serial No. 09/540,238
Amdt. Dated 28 July 2005
Reply to Examiner's Answer of 30 June 2005



23. (Currently amended) A network having firewall fault-tolerance, the network configured to be coupled to a network backbone, the network comprising:
    a switch circuit;
    a first firewall coupled to said switch circuit and the network backbone, said first firewall having a fixed media access control (MAC) address;
    a second firewall coupled to said switch circuit and the network backbone, said second firewall having a fixed MAC address different from the fixed MAC address of the first firewall; and
    a server coupled to the switch circuit,
    wherein the switch circuit is configured to detect when the first firewall fails, the switch circuit being further configured to monitor packets sent by the server to the first firewall and to change in the packet the fixed MAC address of [[the]] failed said first firewall to the fixed MAC address of [[the]] functional said second [[firewall,]] firewall and relay the packet to the functional second firewall after changing the fixed MAC address of the first firewall to the fixed MAC address of the second firewall.

24. (Original) The network of claim 23 further comprising a plurality of servers, the plurality of servers including the server.

25. (Cancel)

26. (Original) The network of claim 23 wherein the switch circuit is configured to detect a failed firewall by transmitting a request to the first and second firewalls, wherein an absence of a reply from a particular firewall of the first and second firewalls is indicative of a failure of the particular firewall.

27. (Original) The network of claim 23 wherein the switch circuit is configured to detect a failed firewall by sending ARP requests to the first and second firewalls, wherein an absence of a reply to an ARP request from a particular firewall of the first and second firewalls is indicative of a failure of the particular firewall.

28. (Original) The network of claim 23 wherein the switch circuit is configured to detect a failed firewall by sending ICMP echo requests to the first and second firewalls, wherein an absence of a reply to an ICMP echo request from a particular firewall of the first and second firewalls is indicative of a failure of the particular firewall.

29. (Original) The network of claim 23 wherein the switch circuit is configured to detect a failed firewall by monitoring responses from the firewalls to requests sent at predetermined intervals.

30. (Previously amended) The network of claim 23 wherein the switch circuit is further configured to:
    detect an address resolution protocol (ARP) request from the server to the first firewall; and
    respond to the ARP request with the fixed MAC address of the second firewall, whereby the server sends subsequent outbound packets with the fixed MAC address of the second firewall.

31. (Original) The network of claim 23 wherein the switch circuit is further configured to:
    detect when the first firewall recovers; and
    terminate monitoring for packets sent by the server to the first firewall after the first firewall recovers.

32. (Original) The network of claim 31 wherein the switch circuit is further configured to wait for a time-out period to expire after detecting when the first firewall recovers.

33. (Original) The network of claim 32 wherein the time-out period is greater than or equal to a time period needed for the recovered first firewall to learn routes to all known clients.

34. (Original) The network of claim 31 wherein the switch circuit is configured to detect a recovery of the failed firewall by transmitting a request to the first and second firewalls, wherein receipt of a response from the failed firewall is indicative of a recovery of the failed firewall.

35. (Original) The network of claim 31 wherein the switch circuit is configured to detect a recovery of the failed firewall by sending ARP requests to the first and second firewalls, wherein an occurrence of a reply to an ARP request from the failed firewall is indicative of a recovery of the failed firewall.

36. (Original) The network of claim 31 wherein the switch circuit is configured to detect a recovery of the failed firewall by sending ICMP echo requests to the first and second firewalls, wherein an occurrence of a reply to an ICMP echo request from the failed firewall is indicative of a recovery of the failed firewall.

37. (Previously amended) The network of claim 23 wherein packets are transferred between the server and the first firewall through the switch circuit, and between the server and the second firewall through the switch circuit.

38. (Previously amended) The network of claim 36 wherein the switch circuit is configured to provide full-duplex communication between the first firewall and the server.

39. (Original) The network of claim 36 wherein the switch circuit comprises a switched Ethernet circuit.

40. (Currently amended) A method for providing fault-tolerance in a network, the network including a plurality of firewalls each having a different fixed media access control (MAC) address, the method comprising:
    generating a request message on a first side of a first firewall in the plurality of firewalls;
    sending the request message through the first firewall to a second side of the first firewall; and
    processing an absence of a reply from the second side to the [[request]] request message as a failure of the first firewall, including [[replacing]] changing, in a detected packet, the fixed MAC address of [[the]] failed said first firewall [[with]] to the fixed MAC address of a functional second firewall of the plurality of [[firewalls,]] firewalls, and relaying the packet to the functional second firewall after changing the MAC address in the packet.

41. (Previously amended) The method of claim 40 further comprising:
    maintaining in a first memory on said first side a first functional status for each firewall;
    maintaining in a second memory on said second side a second functional status for each firewall; and
    wherein said first functional status is identical to said second functional status.

42. (Previously amended) The method of claim 41 further comprising:
    maintaining session information in a firewall for each session between computers separated by the firewall.

43. (Previously amended) The method of claim 40 further comprising:
    sending the request message through the first firewall to a third side of the first firewall; and
    processing an absence of a reply from the third side to the request message as a failure of the first firewall.

44. (Previously amended) The method of claim 40 wherein:
    the generating, sending and processing are performed in a switch circuit.

45. (Previously amended) The method of claim 40 further comprising:
    performing Network Address Translation (NAT) in the first firewall; and
    adding a rule in the first firewall to maintain unchanged an internet protocol (IP) address of a source of the request message.

46. (Previously amended) The method of claim 40 further comprising:
    receiving a request on a port; and
    sending a reply on said port.

47. (Currently amended) A network having fault-tolerance, the network comprising:
    a first switch circuit;
    a second switch circuit; and
    a plurality of firewalls each having a different fixed media access control (MAC) address, the plurality of firewalls being coupled to each of the first switch circuit and the second switch circuit, each firewall being coupled to the first switch circuit by a first medium that is not shared with another firewall in the plurality of firewalls and each firewall being coupled to the second switch circuit by a second medium that is not shared with another firewall in the plurality of firewalls; wherein
    a switch circuit of the first and the second switch circuits responds to a first firewall of the plurality of firewalls being functional by sending a first packet that has the fixed MAC address of the first [[firewall]] firewall and is received by said switch circuit to the first firewall, and responds to a failure of the first firewall by replacing in a second packet received by said switch circuit the fixed MAC address of the first firewall with the fixed MAC address of a functional second firewall of the plurality of firewalls and sending the second packet with the replaced MAC address to the second firewall.

48. (Previously amended) The network of claim 47 further comprising:
    a plurality of first computers, each first computer being coupled to the first switch circuit, each first computer being configured with the media access control (MAC) address of the first firewall, the first firewall being a default gateway for transferring packets outside the network.

49. (Previously amended) The network of claim 48 further comprising:
    a plurality of second computers, each second computer being coupled to the second switch circuit, each second computer being configured with the MAC address of the first firewall, the first firewall being a default gateway for transferring packets inside the network.

50. (Previously amended) The network of claim 47 further comprising:
    a plurality of routers coupled to the second switch circuit.

51. (Previously amended) The network of claim 47 wherein each of the first switch circuit and the second switch circuit comprises:
    a first storage element encoded with a list of the plurality of firewalls; and
    a second storage element encoded with an identity of a firewall in the plurality as a replacement firewall for any other firewall in the plurality that has failed.

52. (Previously amended) The network of claim 47 wherein:
    each of the first switch circuit and the second switch circuit is configured to send a request message to the other of the first switch circuit and the second switch circuit; and
    each of the first switch circuit and the second switch circuit is configured to treat absence of a response to the request message as a failure of a firewall through which the request message was sent.

53. (Previously amended) The network of claim 52 wherein:
    the request message conforms to an internet protocol selected from the group consisting of:
    (a) ping;
    (b) address resolution protocol (ARP); and
    (c) internet message control protocol (ICMP).

54. (Previously amended) The network of claim 47 wherein:
    the first switch circuit transfers a plurality of packets to the first firewall through a first medium without changing any portion of any packet in the plurality of packets while the first firewall is functional.

55. (Previously amended) The network of claim 47 wherein:
    the switch circuit replaces in each received packet the fixed MAC address of the first firewall with the MAC address of the second firewall and transfers each modified packet to the second firewall only while the first firewall is nonfunctional.

56. (Previously amended) The network of claim 47 wherein each switch circuit comprises a switched Ethernet circuit.
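The through-firewall probing of claims 40 through 44 and the two-switch-circuit arrangement of claims 47, 51 and 52, as an added model that is not code from the patent application. It assumes a firewall is a relay that passes a message between its two sides only while functional, and that each switch circuit holds its own functional-status memory for every firewall (claim 41).

```python
# Added model of the two-switch-circuit probing in claims 40-44, 47, 51 and 52;
# not code from the patent application. Assumptions: a firewall passes a message
# from one side to the other only while functional, and each switch circuit keeps
# its own status memory per firewall (claim 41).
from typing import Dict, List, Optional

class SimFirewall:
    def __init__(self, name: str, up: bool = True):
        self.name, self.up = name, up

    def pass_through(self, msg: dict) -> Optional[dict]:
        # A functional firewall delivers the message to its other side unchanged
        # (the source address is kept, as in claim 45); a failed one drops it.
        return msg if self.up else None

class SwitchCircuit:
    def __init__(self, name: str, firewalls: List[SimFirewall]):
        self.name, self.firewalls = name, firewalls
        self.status: Dict[str, bool] = {fw.name: True for fw in firewalls}
        self.peer: Optional["SwitchCircuit"] = None

    def answer(self, request: dict, fw: SimFirewall) -> Optional[dict]:
        # Reply on the port the request arrived on (claim 46): back through fw
        return fw.pass_through({"reply_to": request["id"], "src": self.name})

    def probe_all(self) -> Dict[str, bool]:
        # Claim 40: generate a request on this side, send it through each firewall
        # to the other side, and treat an absent reply as that firewall's failure.
        for fw in self.firewalls:
            request = {"id": f"{self.name}->{fw.name}", "src": self.name}
            delivered = fw.pass_through(request)
            reply = self.peer.answer(delivered, fw) if delivered else None
            self.status[fw.name] = reply is not None
        return dict(self.status)

    def replacement_for(self, failed: str) -> Optional[str]:
        # Claim 51: identity of a functional firewall to stand in for a failed one
        return next((n for n, ok in self.status.items() if ok and n != failed), None)

def build_topology(fw_states: Dict[str, bool]):
    # Constructed topology: the firewalls sit between two switch circuits
    fws = [SimFirewall(n, up) for n, up in fw_states.items()]
    first, second = SwitchCircuit("first", fws), SwitchCircuit("second", fws)
    first.peer, second.peer = second, first
    return first, second, fws

def statuses_agree(first: SwitchCircuit, second: SwitchCircuit) -> bool:
    # Claim 41: the first-side and second-side status memories are identical
    return first.probe_all() == second.probe_all()
```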

57. (Previously amended) A method of providing fault-tolerance in a network, the network including a plurality of firewalls each having a different fixed media access control (MAC) address, the method comprising:
    detecting a failure of a first firewall in the plurality of firewalls; and
    replacing, in a packet, the fixed MAC address of the first firewall with the fixed MAC address of a second firewall in the plurality of firewalls in response to the failure.

58. (Previously amended) The method of claim 57 wherein:
    the detecting is performed in a switch circuit.

59. (Previously amended) The method of claim 57 further comprising:
    receiving the packet after detecting the failure and prior to the replacing.

60. (Previously amended) The method of claim 57 further comprising:
    transferring a plurality of packets other than the packet, between a host and a firewall in the plurality of firewalls through a switch circuit.

61. (Previously amended) The method of claim 60 wherein:
    each of the packets contains a first internet protocol (IP) address; and
    the method does not change the first IP address during transferring of the packets to any of the firewalls.

62. (Previously amended) The method of claim 61 wherein:
    each of the firewalls has a first side and a second side; and
    each of the firewalls has the first IP address on the first side and a second IP address on the second side.

63. (Previously amended) The method of claim 61 wherein:
    the method does not change the MAC address of any of the packets during the transferring, until the detecting of failure.